[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Execution of signed scripts received by e-mail
-----BEGIN PGP SIGNED MESSAGE-----
Mark M. <[email protected]> writes:
>
> On Sat, 13 Jul 1996, Steffen Zahn wrote:
>
> > I suggest ignoring Reply-To: etc and requiring a return address inside
> > the signed region of the mail, otherwise someone could intercept the mail
> > (suppressing the original) and resend it from his account and the results
> > would get sent to the interceptor.
>
> I agree. Having a return address outside the signature allows for denial-o=
> f-
> service attacks and it would be trivial to intercept the output of the scri=
> pt.
> Definitely not a Good Thing.
>
> > Another idea would be to extract the return address from the PGP userid
> > which signed the script.
>
> There are a couple of problems with this idea:
>
> - The security of this scheme depends on trusting the user to sign her
> key. If the user doesn't, than an attacker can intercept the user's
> key and alter the key ID.
>
> - Even if the user does sign her key, there is still the problem of
> an attacker being able to generate a key with an identical key ID and
> and a different user ID. If the attacker has the ability to intercept
> and modify messages, a MITM attack would be very effective. If the
> key's fingerprint was included in the signed message, an MITM attack
> would be necessary to subvert the system.
>
> If the key's fingerprint is included in the message, then it certainly woul=
> dn't
> take much more effort to put a return address in the signed body of the
> message.
Those are both very good ideas. I'll have it require both the return
address and key fingerprint in the signed portion of the message.
>
>-- Mark
Thanks for the suggestions.
- --Matt
- --
[email protected]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBMejMPCjtJAMyBnp9AQFWhAf+PJkWptoICREg2a0Er6aHXPaNGzsERqad
dovSi5D8qByIzvr1ge0sjGxDAIaLXGjH4XMEAEjr+lZQI7jVa3f5wnGQRVneqbXB
sEI+Oh+3EnWut+hCAsr+PDIcRb1kLsp9v/rGhVxQkYhsLTJ55RDv5YYXVWxmB0ye
zfsuERnh6+V/q3FLs7UgAn7OjdpD3NiuFizUI4li4M03o3yT9dbecmkv0pvdeOV4
2GEHnX4WhZpmqviWHcqNkjmhcFN8hq0UHHm6oqVBW1qm/LjdHCHHZLaSHbwtIVHa
Bp39AxJfmTurwMosW3alxfWselCr6fUGBSQ7j9/REFAgt9aBxk4ISg==
=Ruc9
-----END PGP SIGNATURE-----